.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:44:05.200321936Z | 48 | PC: 1361d | Get DOS version |
| 2018-12-17T22:44:05.201680499Z | 25 | PC: 137a8 | Get default drive |
| 2018-12-17T22:44:05.202838389Z | 14 | PC: 137ae | Set default drive (Drive = 'A') |
| 2018-12-17T22:44:05.204666514Z | 37 | PC: 13643 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:44:05.205922715Z | 46 | PC: 13636 | Set verify flag |
| 2018-12-17T22:44:05.207369755Z | 71 | PC: 131ec | Get current directory |
| 2018-12-17T22:44:05.210951133Z | 59 | PC: 131be | Change current directory |
| 2018-12-17T22:44:05.217559531Z | 59 | PC: 131be | Change current directory |
| 2018-12-17T22:44:05.227581405Z | 71 | PC: 131ec | Get current directory |
| 2018-12-17T22:44:05.23157776Z | 59 | PC: 131be | Change current directory |
| 2018-12-17T22:44:05.240602187Z | 65 | PC: 133ef | Delete file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:44:05.261111508Z | 28 | PC: 13798 | Get allocation info for specified drive |
| 2018-12-17T22:44:05.297681602Z | 26 | PC: 1376d | Set disk transfer address |
| 2018-12-17T22:44:05.29905006Z | 78 | PC: 13302 | Find first file |
| 2018-12-17T22:44:05.307658589Z | 67 | PC: 133d7 | Get or set file attributes |
| 2018-12-17T22:44:05.71599083Z | 61 | PC: 13531 | Open file (Filename = 'C:\IO.SYS') |
| 2018-12-17T22:44:05.722008405Z | 66 | PC: 13488 | Move file pointer |
| 2018-12-17T22:44:05.723375175Z | 66 | PC: 13493 | Move file pointer |
| 2018-12-17T22:44:05.725158653Z | 66 | PC: 1349f | Move file pointer |
| 2018-12-17T22:44:05.72697754Z | 54 | PC: 1377e | Get free disk space |
| 2018-12-17T22:44:05.732251333Z | 66 | PC: 1356d | Move file pointer |
| 2018-12-17T22:44:05.734219601Z | 64 | PC: 13575 | Write file or device (Write 0 bytes on handle 5) |
| 2018-12-17T22:44:05.857655683Z | 66 | PC: 13580 | Move file pointer |
| 2018-12-17T22:44:05.85963061Z | 62 | PC: 13444 | Close file |
| 2018-12-17T22:44:05.873342382Z | 67 | PC: 133d7 | Get or set file attributes |
| 2018-12-17T22:44:05.883173847Z | 28 | PC: 13798 | Get allocation info for specified drive |
| 2018-12-17T22:44:05.884245803Z | 28 | PC: 13798 | Get allocation info for specified drive |
| 2018-12-17T22:44:05.889272082Z | 28 | PC: 13798 | Get allocation info for specified drive |
| 2018-12-17T22:44:05.891570129Z | 74 | PC: 13744 | Reallocate memory |
| 2018-12-17T22:44:05.892988408Z | 42 | PC: 130a0 | Get date 0x130a0: xchg ax, cx 0x130a1: xchg ax, dx 0x130a2: mov ch, bh 0x130a4: pop bx 0x130a5: ret 0x130a6: push cx 0x130a7: mov ah, 0x2c 0x130a9: int 0x21 0x130ab: xchg ax, dx 0x130ac: mov dx, cx 0x130ae: pop cx 0x130af: ret 0x130b0: push bx 0x130b1: push cx 0x130b2: push di 0x130b3: mov dx, cx 0x130b5: xchg ax, bx 0x130b6: mov bx, 0x5dc 0x130b9: cmp dx, bx 0x130bb: jae 0x130e8 |
| 2018-12-17T22:44:05.895808383Z | 44 | PC: 130ab | Get time 0x130ab: xchg ax, dx 0x130ac: mov dx, cx 0x130ae: pop cx 0x130af: ret 0x130b0: push bx 0x130b1: push cx 0x130b2: push di 0x130b3: mov dx, cx 0x130b5: xchg ax, bx 0x130b6: mov bx, 0x5dc 0x130b9: cmp dx, bx 0x130bb: jae 0x130e8 0x130bd: div bx 0x130bf: mov cx, dx 0x130c1: mov bl, 0xf0 0x130c3: cmp ah, bl 0x130c5: jae 0x130e8 0x130c7: div bl 0x130c9: mov di, ax 0x130cb: xchg ah, al |
| 2018-12-17T22:44:05.92431412Z | 61 | PC: 13531 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:44:05.933588604Z | 74 | PC: 13744 | Reallocate memory |
| 2018-12-17T22:44:05.935574229Z | 81 | PC: 12145 | Get current PSP |